Skip to main content
SpringerLink
Log in

Enhancing anomaly detection through restricted Boltzmann machine features projection

  • Original Research
  • Published:
International Journal of Information Technology Aims and scope Submit manuscript

Abstract

Technology has been nurturing a wide range of applications in the past decades, assisting humans in automating some of their daily tasks. Nevertheless, more advanced technology systems also expose some potential flaws, which encourage malicious users to explore and break their security. Researchers attempted to overcome such problems by fostering intrusion detection systems, which are security layers that try to detect mischievous attempts. Apart from that, increasing demand for machine learning also enabled the possibility of combining such approaches in order to provide more robust detection systems. In this context, we introduce a novel approach to deal with anomaly detection, where instead of using the problem’s raw features, we project them through a restricted Boltzmann machine. The intended approach was assessed under a well-known literature anomaly detection dataset and achieved suitable results, better than some state-of-the-art approaches.

This is a preview of subscription content, log in via an institution to check access.

Access this article

Log in via an institution

Price excludes VAT (USA)
Tax calculation will be finalised during checkout.

Instant access to the full article PDF.

Institutional subscriptions

Fig. 1
Fig. 2
Fig. 3
Fig. 4
Fig. 5
Fig. 6
Fig. 7
Fig. 8
Fig. 9
Fig. 10
Fig. 11
Fig. 12
Fig. 13

Similar content being viewed by others

Notes

  1. https://www.kdd.ics.uci.edu/databases/kddcup99/kddcup99.html.

  2. https://www.unb.ca/cic/datasets/nsl.html.

  3. The experiment’s source code is available at https://github.com/danielfssantos/anomaly_detection.

References

  1. Aldweesh A, Derhab A, Emam AZ (2020) Deep learning approaches for anomaly-based intrusion detection systems: a survey, taxonomy, and open issues. Knowl Based Syst 189:105124

    Article  Google Scholar 

  2. Bhuyan M, Bhattacharyya D, Kalita J (2014) Network anomaly detection: methods, systems and tools. IEEE Commun Surv Tutor 16(1):303–336

    Article  Google Scholar 

  3. Bijone M (2016) A survey on secure network: intrusion detection and prevention approaches. Am J Inf Syst 4(3):69–88

    Google Scholar 

  4. Chalapathy R, Chawla, S (2019) Deep learning for anomaly detection: a survey. arXiv preprint arXiv:1901.03407

  5. Cisco (2013) The 2018 Cisco annual security report. Cisco Systems

  6. Gan XS, Duanmu JS, Wang JF, Cong W (2013) Anomaly intrusion detection based on PLS feature extraction and core vector machine. Knowl Based Syst 40:1–6

    Article  Google Scholar 

  7. Hinton G (2002) Training products of experts by minimizing contrastive divergence. Neural Comput 14(8):1771–1800

    Article  Google Scholar 

  8. Hinton G (2012) A practical guide to training restricted Boltzmann machines. Neural networks: tricks of the trade. Lecture notes in computer science, vol 7700. Springer, Berlin, pp 599–619

    Google Scholar 

  9. Hodo, E, Bellekens, X, Hamilton, A, Tachtatzis, CAtkinson, R (2017) Shallow and deep networks intrusion detection system: a taxonomy and survey. arXiv preprint arXiv:1701.02145

  10. Kaushik SS, Deshmukh P (2011) Detection of attacks in an intrusion detection system. Int J Comput Sci Inf Technol (IJCSIT) 2(3):982–986

    Google Scholar 

  11. Lippmann R, Fried D, Graf I, Haines J, Kendall K, McClung D, Weber D, Webster S, Wyschogrod D, Cunningham R, Zissman M (2000) Evaluating intrusion detection systems: the 1998 DARPA off-line intrusion detection evaluation. Proceedings DARPA Information Survivability Conference and Exposition, vol 2. Hilton Head, pp 12–26. https://doi.org/10.1109/DISCEX.2000.821506

  12. Moustafa N, Hu J, Slay J (2019) A holistic review of network anomaly detection systems: a comprehensive survey. J Netw Comput Appl 128:33–55

    Article  Google Scholar 

  13. Schmidt L, Santurkar S, Tsipras D, Talwar K, Madry A (2018) Adversarially robust generalization requires more data. In: Advances in neural information processing systems, pp 5014–5026

  14. Shahbaz MB, Wang X, Behnad A, Samarabandu J (2016) On efficiency enhancement of the correlation-based feature selection for intrusion detection systems. In: 2016 IEEE 7th annual information technology, electronics and mobile communication conference (IEMCON). IEEE, pp 1–7

  15. Srivastava N, Salakhutdinov, RR (2016) Multimodal learning with deep Boltzmann machines. In: Advances in neural information processing systems, pp 2222–2230 (2016)

  16. Stolfo S, Fan W, Lee W, Prodromidis A, Chan P (2000) Cost-based modeling for fraud and intrusion detection: results from the jam project, vol 2, pp 130–144. https://doi.org/10.1109/DISCEX.2000.821515

  17. Tama B, Comuzzi M, Rhee K (2019) Tse-ids: a two-stage classifier ensemble for intelligent anomaly-based intrusion detection system. IEEE Access 7:94497–94507

    Article  Google Scholar 

  18. Tama B, Rhee K (2016) Performance analysis of multiple classifier system in dos attack detection. Revised Selected Papers of the 16th International Workshop on Information Security Applications, vol 9503. Springer, Berlin, pp 339–347. https://dl.acm.org/doi/10.1007/978-3-319-31875-2_28

  19. Tama BA, Patil AS, Rhee K (2017) An improved model of anomaly detection using two-level classifier ensemble. In: 12th Asia joint conference on information security (AsiaJCIS), Seoul, pp 1–4. https://doi.org/10.1109/AsiaJCIS.2017.9

  20. Tavallaee M, Bagheri E, Lu W, Ghorbani A (2009) A detailed analysis of the KDD cup 99 data set. In: Proceedings of the second IEEE international conference on computational intelligence for security and defense applications, CISDA’09. IEEE Press, Piscataway, NJ, USA, pp 53–58

  21. Tieleman T (2008) Training restricted Boltzmann machines using approximations to the likelihood gradient. In: Proceedings of the 25th international conference on Machine learning. ACM, pp 1064–1071

  22. van Oorschot PC (2020) Intrusion detection and network-based attacks. In: Computer security and the internet. Springer, pp 309–338

  23. Wang J, Shan Z, Gupta M, Rao HR (2019) A longitudinal study of unauthorized access attempts on information systems: the role of opportunity contexts. MIS Q 43(2):601–622

    Article  Google Scholar 

Download references

Acknowledgements

The authors appreciate São Paulo Research Foundation (FAPESP) Grants #2019/02205-5 and #2019/07825-1, as well as Petrobras Grant #2017/00285-6.

Author information

Authors and Affiliations

  1. Department of Computing, São Paulo State University, Av. Eng. Luiz Edmundo Carrijo Coube, 14-01, Bauru, SP, 17033-360, Brazil

    Gustavo H. de Rosa, Mateus Roder, Daniel F. S. Santos & Kelton A. P. Costa

Authors
  1. Gustavo H. de Rosa
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Mateus Roder
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Daniel F. S. Santos
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Kelton A. P. Costa
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Gustavo H. de Rosa.

Rights and permissions

Reprints and permissions

About this article

Check for updates. Verify currency and authenticity via CrossMark

Cite this article

Rosa, G.H.d., Roder, M., Santos, D.F.S. et al. Enhancing anomaly detection through restricted Boltzmann machine features projection. Int. j. inf. tecnol. 13, 49–57 (2021). https://doi.org/10.1007/s41870-020-00535-4

Download citation

  • Received:

  • Accepted:

  • Published:

  • Issue Date:

  • DOI: https://doi.org/10.1007/s41870-020-00535-4

Keywords

Search

Navigation